Select Page

Word of the Week

Kerberos

A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, peer entity authentication service and access control service distributed in a client-server network environment.

Jitter

Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.

Inference Attack

Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.

Hash Functions

(cryptographic) hash functions are used to generate a one way “check sum” for a larger text, which is not trivially reversed. The result of this hash function can be used to validate if a larger file has been altered, without having to compare the larger files to each other. Frequently used hash functions are MD5 and SHA1.

gethostbyaddr

The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.

False Rejects

False Rejects are when an authentication system fails to recognize a valid user.

Encryption

Cryptographic transformation of data (called “plaintext”) into a form (called “cipher text”) that conceals the data’s original meaning to prevent it from being known or used.

Data Encryption Standard (DES)

A widely-used method of data encryption using a private (secret) key. There are 72,000,000,000,000,000 (72 quadrillion) or more possible encryption keys that can be used. For each given message, the key is chosen at random from among this enormous number of keys. Like other private key cryptographic methods, both the sender and the receiver must know and use the same private key.

Cache Poisoning

Malicious or misleading data from a remote name server is saved [cached] by another name server. Typically used with DNS cache poisoning attacks.

Backdoor

Week 3:
Backdoor
A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.

Access Control List

A mechanism that implements access control for a system resource by listing the identities of the system entities that are permitted to access the resource.

IPSEC

Internet protocol security (IPsec) is a set of protocols that provides security for Internet Protocol.